Google redirecting 8 steps

By aussiemate ยท 4 replies
Mar 17, 2009
  1. hello, im also having issues with google directing webpages... now i have followed ur 8 steps but having issues with a couple of them. i scanned with bitdefender and no virus then ccleaner ok and then installed malwarebytes but havent been able to start program on desktop and safemode and also superspyware which wont let me install the program on desktop or safemode. now firefox and internet explorer im having probs with google but opera is ok if that helps. i hope u guys can help as its frustrating.
  2. kimsland

    kimsland Ex-TechSpotter Posts: 14,523

  3. kritius

    kritius TS Guru Posts: 2,084

    Are you able to run HJT from normal mode?


    Rename HijackThis.exe to aussie.exe by doing the following;

    • Navigate here using Windows Explorer (windows button + E) or My Computer -> Local Disk C: -> C:\Program Files\Trend Micro\HijackThis
    • Right-click on the HijackThis.exe
    • Choose from the pull-down menu; "Rename"
    • And now Rename HijackThis.exe to aussie.exe
    • When you've renamed HijackThis, open HijackThis again.
    • Take a fresh HijackThis log (click Do a system scan and save a log file)
    • Post the fresh HijackThis log here.
  4. aussiemate

    aussiemate TS Rookie Topic Starter

    hi all, as i said in my first post im still having probs with malwarebytes which wont start up on normal mode and safe mode and i cant install superantispyware on normal and safe mode... i have followed kimsland steps in troubleshooting but still having same probs. ok hope to from u guys as soon as possible
  5. kritius

    kritius TS Guru Posts: 2,084

    Fix entries using HiJackThis
    • Launch HiJackThis
    • Click the Do a system scan only button
    • Put a check next to the entries listed below
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
    O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F8F6F334-C344-42D1-A94C-2875F633810A}: NameServer =,

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer =,

    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer =,

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer =,

    • IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
    • Click the Fix checked button and close HiJackThis
    • Reboot HijackThis if necessary

    Delete Domains

    Right click on this link DelO15Domains.inf and choose Save As. Save it to your desktop. Right click on that file and choose Install. It will run immediately (you won't be able to see anything happen). You may delete it afterwards. NOTE: This script will delete any sites you may have added to the Trusted Sites. So if you want them back, you have to add them back to the Trusted Sites again.

    Try to use Malwarebytes and SAS again.


    C:\Program Files\Trend Micro\aussie.exe\HijackThis.exe

    Should be this,
    C:\Program Files\Trend Micro\HijackThis\aussie.exe

    This next step is purely optional however viewpoint is considered foistware and is not needed on your computer,

    Go to Start > Run and copy/paste or type: taskmgr

    • Under the Processes tab find the following tasks or processes:



    • Highlight and click "End Process".
    • Exit Task Manager.

    Click on Start > Run and type: services.msc

    • Press "OK".
    • Click the "Extended tab".
    • Scroll down the list and find the service called "Viewpoint Manager Service"
    • When you find the service, double-click on it.
    • In the Properties Window > General Tab that opens, click the "Stop" button.
    • From the drop-down menu next to "Startup Type", click on "Disabled".
    • Now click "Apply", then "OK" and close any open windows.

    Click on Start > Settings > Control Panel > Add/Remove Programs > highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.

    Finally, delete the following folders if they still exist:

    C:\Program Files\ViewManager\ <-- and delete this folder

    C:\Program Files\Viewpoint\ <-- and delete this folder

    I also recommend you uninstall Zone alarm spyblocker,

    Since recently, Zonealarm decided to include a "ZoneAlarm Spy Blocker toolbar" as well which is an optional during install.

    However, this Toolbar now uses the AskJeeves/ searchengine.

    More info: here.

    This Toolbar is not recommened. See here: here.

    Source: SpywareInfo/minkiemoes

    Post back a fresh log.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...